ghcr.io/dwmkerr/mock-llm:latest linux/amd64

ghcr.io/dwmkerr/mock-llm:latest - Trivy安全扫描结果 扫描时间: 2026-05-19 16:47
全部漏洞信息
低危漏洞:1 中危漏洞:7 高危漏洞:5 严重漏洞:0

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-05-19 16:47

ghcr.io/dwmkerr/mock-llm:latest (alpine 3.23.4) (alpine)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Node.js (node-pkg)
低危漏洞:1 中危漏洞:7 高危漏洞:5 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
@modelcontextprotocol/sdk CVE-2025-66414 高危 1.20.1 1.24.0 Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66414

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2025-12-02 19:15 修改: 2026-03-10 19:40
@modelcontextprotocol/sdk CVE-2026-0621 高危 1.20.1 1.25.2 Anthropic's MCP TypeScript SDK has a ReDoS vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0621

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2026-01-05 21:16 修改: 2026-01-30 01:16
@modelcontextprotocol/sdk CVE-2026-25536 高危 1.20.1 1.26.0 @modelcontextprotocol/sdk: @modelcontextprotocol/sdk cross-client data leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25536

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2026-02-04 22:15 修改: 2026-03-18 14:22
path-to-regexp CVE-2026-4926 高危 8.3.0 8.4.0 path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4926

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2026-03-26 19:17 修改: 2026-04-16 18:04
picomatch CVE-2026-33671 高危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:45
ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address has XSS in Address6 HTML-emitting methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
ajv CVE-2025-69873 中危 6.12.6 8.18.0, 6.14.0 ajv: ReDoS via $data reference

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69873

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2026-02-11 19:15 修改: 2026-04-15 00:35
path-to-regexp CVE-2026-4923 中危 8.3.0 8.4.0 path-to-regexp: path-to-regexp: Denial of Service via specially crafted paths with multiple wildcards

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4923

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2026-03-26 19:17 修改: 2026-04-16 18:03
brace-expansion CVE-2026-33750 中危 5.0.4 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
picomatch CVE-2026-33672 中危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:1162d08df74cbafeaf49341a64985a65ed1966fb1f267543135d65555918dded

发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:44
qs CVE-2025-15284 中危 6.14.0 6.14.1 qs: qs: Denial of Service via improper input validation in array parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15284

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2025-12-29 23:15 修改: 2026-02-26 19:57
uuid CVE-2026-41907 中危 11.1.0 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2026-04-24 19:17 修改: 2026-05-11 13:53
qs CVE-2026-2391 低危 6.14.0 6.14.2 qs: qs's arrayLimit bypass in comma parsing allows denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2391

镜像层: sha256:aaf912f95b6d52ad04b88ba6fd9d9b8daa0c714c3933a532478b0b8b863e9823

发布日期: 2026-02-12 05:17 修改: 2026-02-24 20:13